Does the Prompt Firewall run locally?

Yes. The firewall operates as a local HTTP/HTTPS proxy on your machine, ensuring prompts are intercepted and sanitized before they reach the external network.

Do I need a local LLM to use the Prompt Firewall?

No. The firewall includes fast, deterministic PII data filters out of the box. Running a local LLM is optional, but it enables deeper, context-aware scanning and prompt optimization.

Which clients can use the Prompt Firewall?

Any AI client or tooling that can be configured to use an HTTP/HTTPS proxy, such as Claude Code, Cursor, or your own custom integration scripts.

How does it protect PII?

It uses regex and pattern-based deterministic filtering to detect and redact standard sensitive strings like API keys, social security numbers, and internal IP addresses before the payload is allowed out.

docs/tools/prompt_firewall

AgenticSecurity

Prompt Firewall & Sanitizer Proxy

Tool Name: prompt_firewall

The Prompt Firewall intercepts outbound AI agent prompts, preventing confidential data and secrets from leaving your machine. Acting as a proxy for clients like Claude Code, it uses deterministic PII data filters and offers optional local LLM integration for complex prompt scanning and optimization.

Agentic Store Architecture with Prompt Firewall

Agentic Store Architecture — Data stays protected before reaching third-party APIs.

Demo: The Prompt Firewall in action.

Features & Capabilities

Deterministic PII Filters: Uses rules-based pattern matching to instantly identify and redact highly sensitive data such as keys, tokens, and standard PII.
Local LLM Scanning: Wire the proxy to an optional local inference engine (like Ollama or llama.cpp) to contextually inspect and optimize unstructured prompt content for maximum privacy.
Universal Compatibility: Works entirely outside the core AI agent logic by acting as a native HTTP/HTTPS proxy. Out-of-the-box support for any standard AI HTTP client, including Claude Code.

[note]

Please ensure your AI client's proxy environment variables (HTTP_PROXY, HTTPS_PROXY) are configured to route through the Prompt Firewall's listening port to enable interception.

Explore other tools

→ Secret & Repo Scanner MCP Tool → Dependency Vulnerability Audit Tool → Web Search & Scraper MCP Tool

Frequently asked questions